RELEASE 516
IO Network and Security Planning Guide
EPDOC-X586-en-516A, August 2020
This document contains Honeywell proprietary information. Information contained herein is to be used solely for the purpose submitted, and no part of this document or its contents shall be reproduced, published, or disclosed to a third party without the express permission of Honeywell International Sàrl.
While this information is presented in good faith and believed to be accurate, Honeywell disclaims the implied warranties of merchantability and fitness for a purpose and makes no express warranties except as may be stated in its written agreement with and for its customer.
In no event is Honeywell liable to anyone for any direct, special, or consequential damages. The information and specifications in this document are subject to change without notice.
Chapter 1 - About this document
Chapter 2 - Introduction
2.1 Overview
2.1.1 Use of IP Addresses in an I/O Network
Chapter 3 - Custom Protocols
3.1 UOC to 900 I/O
3.1.1 HSR Ring Topology with 900 I/O
3.1.2 Redundant Star (PRP) Topology to 900 I/O
Chapter 4 - Ethernet IP
4.1 Planning a Honeywell network
4.1.1 Planning EtherNet/IP implementation
4.2 UOC and vUOC to EIP
4.2.1 DLR Ring Topology with EtherNet/IP and 900 I/O devices
4.2.2 Non-Redundant Star to 900 I/O and EIP Devices
4.2.3 EtherNet/IP in Experion Control Builder
4.2.4 vUOC
4.3 C300 to EIP
4.3.1 THROUGH Experion EIM (Ethernet Interface Module)
4.3.2 C300 Configuration for Control Through Ethernet/IP™ Devices
4.3.3 EIM-EIP Terms and Definitions
Chapter 5 - Profinet
Chapter 6 - IEC 61850
6.1 C300 to 61850
6.2 EIM IEC61850
6.2.1 IEC 61850 control integration topologies
6.2.2 HSR topology model
6.2.3 PRP topology model
Chapter 7 - Installing and Replacing Switches
7.1.7 Configuring interface options
7.2 Configuring a Stratix switch for Ethernet/IP™ integration
7.2.1 Prerequisites
7.2.2 To configure the Stratix switch for Ethernet/IP™ integration
7.2.3 Connecting locally to the switch
7.2.4 To connect locally to the switch
7.2.5 Checking the version of the switch IOS
7.2.6 Accessing switch configuration files
7.2.7 Configuring switch interface options
7.2.8 To configure the switch interface options
7.2.9 Setting up the IP address for the switch
7.2.10 Loading the switch configuration file
7.2.11 Switch Maintenance
Chapter 8 - Security Guidelines
8.1 General
8.2 Organizational Security
8.3 Physical Security
8.4 Communication Hardening
8.5 Securing Connection to Downlink Network
8.6 Maintenance, Configuration and Operation
8.6.1 Third Party Configuration Files
8.6.2 Third Party Firmware Files
ABOUT THIS DOCUMENT
The purpose of this document is to present information on Ethernet-based IO and Device Networks as used within Experion Systems. Topics related to topologies, network configuration and security are discussed. Topics related to the configuration of specific Experion controllers and gateways are discussed elsewhere, in device-focused documents.
Revision history
| Revision | Date | Description |
| --- | --- | --- |
| A | August 2020 | Initial release |
INTRODUCTION
Ethernet is deployed within Experion systems in multiple ways. Fault Tolerant Ethernet (FTE) is the Honeywell solution for high availability, redundant Ethernet communication between Level 2 (HMI and Supervisory Control) and Level 1 (Process Connected Control) nodes of the Experion DCS.
Below Level 1, Ethernet enables communication from various Experion controllers and gateways to a variety of I/O and device types, both Honeywell manufactured and third party. These Level 1 networks can be thought of as Ethernet I/O and Device Networks. They are based on multiple different protocols and can be deployed in multiple different topologies.
2.1 Overview
Industrial Ethernet used for Level 1 IO and Device networking in Experion includes the following broad categories of deployments.
- Custom Protocols
- Ethernet / IP
- Profinet
- IEC 61850
New capabilities in each of these categories will be added over time. The current version of this document focuses on Custom Protocols and Ethernet / IP. Other categories are not yet described in detail.
2.1.1 Use of IP Addresses in an I/O Network
The I/O network must have a different IP subnet than the FTE subnet.
CUSTOM PROTOCOLS
3.1 UOC to 900 I/O
3.1.1 HSR Ring Topology with 900 I/O
High Availability Seamless Redundancy Protocol (HSR) is an industrial redundancy communication protocol standardized by the International Electrotechnical Commission as IEC 62439-3 edition 2. It allows a system to overcome a single network failure without affecting data transmission. It can be applied to industrial Ethernet applications since it is independent of the protocols and provides seamless failover. HSR realizes active network redundancy by packet duplication over two independent networks that operate in parallel.
When connecting to ControlEdge 900 I/O only, a redundant ring topology may be used. The ring type is HSR (High Availability Seamless Redundancy). In this topology no third party redundancy boxes are required. The UOC CPM connects directly, using its two downlink Ethernet ports. Similarly, EPM modules connect directly using their two Ethernet ports. When a UOC downlink is constructed in this fashion, it is not possible to connect third party I/O, Devices or PLCs. Only 900 I/O racks may be connected.
When connecting CPMs and EPMs into an I/O network ring, the numbered ports must be connected so that odd numbered ports always connect to even numbered ports. Incorrect cabling will result in LAN ID Errors and reduced robustness. To clear the LAN ID errors and the associated software, reset statistics. This is shown in the following diagram for the case of a redundant UOC rack with two UOC CPMs connecting to two, 4-I/O slot, non-redundant racks, each with its own EPM. Also shown are the CPM’s connection of ETH1 to the A, Yellow FTE network tree and ETH2 to the B, Green FTE network tree.
Figure 3.1 Downlink I/O Network
Considerations for components that connect to a UOC’s downlink HSR ring network are summarized in the following table.
| Component Type | Comments |
| --- | --- |
| ControlEdge UOC CPM | The UOC CPM must be connected to the downlink I/O ring such that even numbered ports always connect to odd numbered ports. Important properties of UOC CPM communications on the downlink network are configured on the UOC Platform Block in Control Builder. This includes configuration of the UOC DHCP server for assigning EPM IP addresses. It also includes setting the Downlink Network Configuration to Ring-HSR. For complete information on configuring the downlink network properties on the UOC Platform Block, see the UOC Platform Block section. |
| ControlEdge 900 I/O Racks with EPMs | When connecting to ControlEdge 900 I/O only, a redundant star topology may be used. The non-redundant star topology is described in section UOC and vUOC to EIP and this section focuses only on redundant star topology. Before it is inserted into its slot, the 100X rotary switch on the EPM board must be set to indicate I/O network connectivity. This is done by setting it to position 3 for HSR I/O network type. The IP address of the EPM is assigned by the UOC CPM based on the module number set on the 10X and 1X rotary switches. Ensure that the values within the range of 1-12 are used, as these are the valid values. This too must be set before the EPM is inserted into its slot. For complete information see the ControlEdge 900 I/O Device Connectivity section. |
3.1.2 Redundant Star (PRP) Topology to 900 I/O
Parallel Redundancy Protocol (PRP) is a data communication network standardized by the International Electrotechnical Commission as IEC 61850 edition 2. It allows systems to overcome single network failure without affecting data transmission. It can be applied to industrial Ethernet applications since it is independent of the protocols and provides seamless failover.
PRP provides redundancy by sending two copies of the same frame over two independent networks. A Redundancy Control Trailer (RCT) is added to each frame; it includes a sequence number to support detection of duplicate messages so that one may be discarded. PRP supports zero failover time.
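The duplicate discard described above, sketched as an added Python example (not Honeywell code); it also counts copies that arrive on the wrong LAN, the kind of LAN ID error that miscabling produces. The 6-byte trailer layout used here (16-bit sequence number, 4-bit LAN identifier, 12-bit size, 16-bit suffix 0x88FB) is the published PRP trailer format rather than something stated in this guide, and the MAC address, payloads, size rule and discard window are constructed simplifications.

```python
import struct
from collections import OrderedDict

PRP_SUFFIX = 0x88FB        # last two bytes of every RCT
LAN_A, LAN_B = 0xA, 0xB    # LAN identifier values carried in the RCT
RCT_LEN = 6


def add_rct(seq, lan_id, lsdu):
    """Append an RCT to a payload: seq(16) | lan(4)+size(12) | suffix(16)."""
    size = len(lsdu) + RCT_LEN  # simplification: payload plus trailer, no padding
    return lsdu + struct.pack("!HHH", seq & 0xFFFF, (lan_id << 12) | size, PRP_SUFFIX)


def parse_rct(payload):
    """Return (seq, lan_id, size) if the payload ends in a plausible RCT, else None."""
    if len(payload) < RCT_LEN:
        return None
    seq, lan_size, suffix = struct.unpack("!HHH", payload[-RCT_LEN:])
    lan_id, size = lan_size >> 12, lan_size & 0x0FFF
    # Suffix, LAN id and size must all agree, otherwise treat the bytes as ordinary data.
    if suffix != PRP_SUFFIX or lan_id not in (LAN_A, LAN_B) or size != len(payload):
        return None
    return seq, lan_id, size


class PrpReceiver:
    """Delivers the first copy of each (source, sequence number) and drops the second."""

    def __init__(self, window=64):
        self.seen = OrderedDict()   # (src_mac, seq) -> LAN id of the first copy
        self.window = window        # constructed bound on remembered entries
        self.stats = {"delivered": 0, "duplicates": 0, "wrong_lan": 0, "no_rct": 0}

    def receive(self, port_lan, src_mac, payload):
        rct = parse_rct(payload)
        if rct is None:
            # Frame from a node that does not add an RCT: pass it through unfiltered.
            self.stats["no_rct"] += 1
            self.stats["delivered"] += 1
            return payload
        seq, lan_id, _ = rct
        if lan_id != port_lan:
            # The sender tagged this copy for the other LAN: a cabling problem.
            self.stats["wrong_lan"] += 1
        key = (src_mac, seq)
        if key in self.seen:
            self.stats["duplicates"] += 1
            return None
        self.seen[key] = lan_id
        if len(self.seen) > self.window:
            self.seen.popitem(last=False)   # forget the oldest entry
        self.stats["delivered"] += 1
        return payload[:-RCT_LEN]           # strip the trailer before delivery


def demo():
    """Three constructed frames: normal, LAN A down, and A/B cables crossed."""
    rx, src = PrpReceiver(), "00:00:5e:00:53:01"   # constructed MAC address
    arrivals = [
        # (receiving port, LAN id written by the sender, sequence number)
        (LAN_A, LAN_A, 0), (LAN_B, LAN_B, 0),   # both copies arrive
        (LAN_B, LAN_B, 1),                      # LAN A failed: one copy still arrives
        (LAN_B, LAN_A, 2), (LAN_A, LAN_B, 2),   # cables crossed
    ]
    delivered = []
    for port, lan_id, seq in arrivals:
        out = rx.receive(port, src, add_rct(seq, lan_id, b"IO-scan-%d" % seq))
        if out is not None:
            delivered.append(out)
    return rx, delivered


if __name__ == "__main__":
    receiver, frames = demo()
    print(frames, receiver.stats)
```

A rising wrong-LAN count with no frame loss is the signature of crossed A/B cabling: redundancy still works, but the counter is worth alerting on because the next single fault may not be covered as designed.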
When connecting to ControlEdge 900 I/O only, a redundant star topology may be used. This section focuses only on redundant star topology. For non-redundant star topology, see section Non-Redundant Star Topology to 900 I/O and EIP devices. The network redundancy type is PRP (Parallel Redundancy Protocol). In this topology no third party redundancy boxes are required. The UOC CPM connects directly, using its two downlink Ethernet ports. Similarly, EPM modules connect directly using their two Ethernet ports. When a UOC downlink is constructed in this fashion, it is not possible to connect third party I/O, Devices or PLCs. Only 900 I/O racks may be connected.
An example of a UOC and two 900 I/O racks on a downlink, redundant, star network is shown in the following diagram. Also shown are the CPM’s connection of ETH1 to the A, Yellow I/O network tree and ETH2 to the B, Green I/O network tree.
Figure 3.2 Redundant Star Network
The UOC does not support star topologies which mix redundant and non-redundant connectivity. Downlink star networks must be set up as exclusively redundant or exclusively non-redundant. Considerations for components that connect to a UOC’s downlink non-redundant or redundant star network are summarized in the following table.
| Component Type | Comments |
| --- | --- |
| ControlEdge UOC CPM | Important properties of UOC CPM communications on the downlink network are configured on the UOC Platform Block in Control Builder. This includes configuration of the UOC DHCP server for assigning EPM IP addresses. It also includes setting the Downlink Network Configuration to “Non-redundant” in the case of a non-redundant star network or “Star-PRP” in the case of a redundant star network. For complete information on configuring the downlink network properties on the UOC Platform Block, see the UOC Platform Block section. |
| ControlEdge 900 I/O Racks with EPMs | Before it is inserted into its slot, the 100X rotary switch on an EPM board must be set to indicate I/O network connectivity. For a non-redundant or redundant star network, this is done by setting it to position 4. The IP address of the EPM is assigned by the UOC CPM based on the module number set on the 10X and 1X rotary switches. Ensure that the values within the range of 1-12 are used, as these are the valid values. This too must be set before the EPM is inserted into its slot. For complete information see the ControlEdge 900 I/O Device Connectivity section. |
| Unmanaged Switches | 900 I/O racks with EPM gateways have been qualified to communicate with UOC through unmanaged switches. Managed switches may not be used. For information on qualified switches see the ControlEdge 900 Hardware and |
ETHERNET IP
Ethernet/IP™ is an application layer protocol for industrial automation applications. It uses all the transport and control protocols used in traditional Ethernet including the Transport Control Protocol (TCP), the User Datagram Protocol (UDP), the Internet Protocol (IP) and the media access and signaling technologies found in off-the-shelf Ethernet interfaces and devices. It allows the user to address a broad spectrum of process control needs using a single technology.
Ethernet/IP™ is currently managed by the Open DeviceNet Vendors Association (ODVA).
Ethernet/IP™ is the name given to the Common Industrial Protocol (CIP™), as implemented over standard Ethernet (IEEE 802.3 and the TCP/IP UDP protocol suite). CIP™ encompasses a comprehensive suite of messages and services for a variety of manufacturing automation applications, including control, safety, synchronization, motion, configuration and information.
4.1 Planning a Honeywell network
4.1.1 Planning EtherNet/IP implementation
Starting with Experion R501, there are two ways to integrate Ethernet/IP™ with Experion PKS. It is important to be aware of these two solutions and any rules or limits that may need to be considered when implementing both on the same Server Cluster. Both solutions are supported in Experion R501.
The solutions differ primarily in their topologies and the manner in which they interface the C300 to the associated Ethernet/IP™ network and Ethernet/IP™ devices.
- DIRECT: C300 Ethernet/IP™ solution (first released with Experion R430, support will continue in R501). In this solution, Ethernet/IP™ devices are connected to the Experion FTE network through a Tofino firewall, and the IP addresses of the Ethernet/IP™ devices are in the same subnet as the FTE network.
- THROUGH EIM: C300 Ethernet Interface Module (EIM) solution (first released with Experion R501). In this solution, Ethernet/IP™ devices are connected to the EIM-EIP downlink port and are therefore physically isolated from the FTE network. The Ethernet/IP™ device network uses a different IP subnet from the FTE subnet.
ATTENTION
If any need arises to connect FTE network to Ethernet/IP™ device network (e.g. for ControlLogix tag access to Experion SCADA server), it must be routed through L2.5
Additionally, the following sections provide more information to help you plan and design an Ethernet/IP™ interface for the integration between C300 and the Ethernet/IP™-compatible devices:
- Network requirements
- Ethernet/IP™ implementation architecture and topology
- Configuring a Stratix switch for Ethernet/IP™ integration
- Tofino firewall configuration
Network requirements
The following table lists hardware and software components that may be used as part of integrating Ethernet/IP™ with Experion.
Hardware components
| Component | Supported type/version | Description |
| --- | --- | --- |
| CISCO switches | 2960 and above | Level 2 CISCO switches. For more information about configuring Level 2 CISCO switches, see Fault Tolerant Ethernet Overview and Implementation Guide. |
| HP Switches | All versions supported by FTE | Level 2 / Level 1 HP switches |
| Tofino security appliance (Applicable only for DIRECT Ethernet/IP™ interfacing option) | TSA 100 and Tofino Xenon Security Appliance. For more information about the required hardware and software requirements for Tofino firewall configuration, see Software and hardware requirements for Tofino configuration. | The Tofino Industrial Security Solution helps in providing secure communication on the industrial control network. It is a distributed network security solution. The Tofino security appliance is a security device, which is connected to the Level 2 CISCO switches and the Stratix Switch. For more information about the Tofino firewall and configuring the Tofino firewall, see: Tofino Security; Tofino firewall configuration. |
| Stratix switch | Stratix 8000 (IOS firmware revision 15.0); Stratix 5700 (IOS firmware revision 15.2(3)EA1) | For DIRECT: The Stratix switch is used for connecting the Ethernet/IP™-enabled devices and ControlLogix PLC to the C300 controller the CISCO switches. For THROUGH EIM: The Stratix switch is used for connecting the Ethernet/IP™-enabled devices and ControlLogix PLC to the C300 controller through the EIM-EIP module. For more information about Stratix switches, see the Rockwell Literature Library. For more information about configuring Stratix switches, see Configuring the Stratix switch for EtherNet/IP integration. |
| ArmorPoint adapter | ArmorPoint 1738-AENT adapter | For more information about installing and configuring the ArmorPoint 1738-AENT adapter, see the Rockwell Literature Library. |
| ArmorPoint I/O modules | ArmorPoint 1738-IB4DM12; ArmorPoint 1738-IB8M12; ArmorPoint 1738-IE2CM12; ArmorPoint 1738-IE4CM12; ArmorPoint 1738-IR2M12; ArmorPoint 1738-IT2IM12; ArmorPoint 1738-OA2M12AC3; ArmorPoint 1738-OB2EPM12; ArmorPoint 1738-; ArmorPoint 1738-OE4CM12 | For more information about the supported I/O modules of the ArmorPoint family, see Ethernet/IP™ device configuration in the Control Building User’s Guide. For more information about installing and configuring the Ethernet/IP™-compliant ArmorPoint I/O devices, see the |
| ArmorBlock I/O modules | ArmorBlock 1732E-IB16M12DR; ArmorBlock 1732E-IF4M12R; ArmorBlock 1732E-IR4IM12R; ArmorBlock 1732E-IT4IM12R; ArmorBlock 1732E-OF4M12R | For more information about installing and configuring the Ethernet/IP™-compliant ArmorBlock I/O devices, see the Rockwell Literature Library. |
| PowerFlex Drives | PowerFlex 753 and 755 | For more information about installing and configuring the PowerFlex 753 and 755 drives, see the Rockwell Literature Library. |
| Adapter for E3 and E3 plus relays | 193-DNENCATR | For more information about installing and configuring the 193-DNENCATR adapter, see the Rockwell Literature Library. |
| Relays | E3, E3 plus, and E300 | For more information about installing and configuring the E3, E3 plus, and E300 relays, see the Rockwell Literature Library. NOTE: For more details on Ethernet/IP™ E300 Electronic Overload Relay, refer to https://www.honeywellprocess.com/library/support/software-downloads/Customer/Experion-PKS-EthernetIP-E300-Electronic-Overload-Relay.zip. |
| ControlLogix PLC | 5572 and 5555 | For more information about installing and configuring the ControlLogix Library. |
| Ethernet/IP™ Tap (ETAP) | 1783-ETAP | The 1783 ETAP can be used as a Ring Supervisor and also as a non-supervisor. For more information about installing and configuring the 1783 ETAP, see the Rockwell Literature Library. |
| Drive Explorer | | The DriveExplorer is an easy-to-use application, which is used for online configuration of PowerFlex drives and communication adapters. It is also used for monitoring purposes. For more information about DriveExplorer, see: Rockwell Literature Library; DriveExplorer. |
| Allen Bradley OPC Server from MatrikonOPC | | The MatrikonOPC Server for Allen Bradley PLCs enables data interchange between OPC clients and Allen Bradley-compliant devices. For documentation about installation and configuration, see MatrikonOPC Server for Allen Bradley PLCs Online Help. |
| RSLinx software | | The RSLinx software is used to assign IP address for ETAP/ControlLogix PLC modules. |
ATTENTION
1. Ensure that there are no duplicate IP nodes on the network. If the IP address of an existing Ethernet/IP™ I/O device on the network is assigned to another Ethernet/IP™ I/O device, the existing Ethernet/IP™ I/O device loses its communication with the C300/EIM-EIP.
2. Ethernet/IP™ output I/O devices and devices with a combination of inputs and outputs talk to the EIM using multicast. Stratix 8000 and Stratix 5700 switches are recommended for use with a maximum of 180 multicast addresses. If number of such devices in one
also to communicate between C300 and the Ethernet/IP™-compatible third-party devices, such as I/Os, drives, and relays.
ATTENTION
While using DLR (Device Level Ring) on a Stratix 5700 switch, DO NOT CONNECT a DLR network to a non-DLR port on the switch. DLR should be connected only to the DLR ports on the switch. Connecting a DLR network to a non-DLR port will result in the entire downlink network going down. The recovery is to only remove the DLR connection from the switch.
Supported Ethernet/IP™ topologies
The Ethernet/IP™-I/O devices, drives, and relays can be set up in one of the following network topologies:
- Ring topology - The nodes of the network are connected in a circular mode, forming a ring.
- Linear bus topology - Nodes are connected in a linear array, with a single cable hop from one device to the next.
- Star topology - The nodes of the network are connected to a central hub.
The topology can also be a hybrid setup with a combination of star, linear bus, and ring topologies. A Device-level ring topology is recommended because it provides a network that is single-fault tolerant.
In an Ethernet/IP™ implementation setup, the ring network includes the following components:
- Ethernet/IP™-compatible I/O devices, drives, and relays
- Ring supervisor
- ETAP modules for single port devices
- Stratix 5700 switch
One of the 1783 Ethernet/IP™ TAP (ETAP) modules is configured as the Ring supervisor, which is connected to the Stratix switch. The Ring supervisor is an important component on the ring network because it is used as the connection media between the Ethernet/IP™-compatible devices and the Stratix switch. Therefore, if the connection between the Ring supervisor and the Stratix switch is lost, the connection from the I/O devices to the C300 controller will be lost.
The Stratix 5700 switch can act as Ring Supervisor and can be a node on the ring. If the Stratix 5700 is part of a DLR (Device Level Ring), then having an ETAP as the Ring Supervisor is not mandatory.
The 1783-ETAP modules are also used to connect single-port devices on the ring and linear bus network.
NOTE
Experion SCADA access for ControlLogix tags using Matrikon OPC server will also work in this topology. Matrikon OPC requires the Allen Bradley via Ethernet/IP™ driver for communication. Refer to the SCADA access guide.
- THROUGH EIM or C300 EIM Solution Topology
- DIRECT or C300 Ethernet/IP™ Solution Topology
THROUGH EIM or C300 EIM Solution Topology
The Ethernet/IP™ implementation architecture and topology for THROUGH EIM method can be split into 2 stages:
- EIM_EIP FTE Topology
- EIM_EIP Downlink Topology
1. For EIM_EIP FTE Topology:
Figure 4.1 THROUGH EIM or EIM_EIP FTE Topology
The above figure represents the following entities:
- The Experion system on the FTE network
- The C300 controllers connected to CF9
- EIM-EIP modules uplink ports connected to CF9/L2 FTE switch
NOTE
EIM-EIP has firewall (CF9 equivalent) functionality built in, so it is not mandatory to connect EIM-EIP to CF9. It can even be connected directly to L2/L1 FTE switches if the ports on those switches have been configured as recommended (refer to the switch configuration section). Because a CF9 connection provides the best recovery time from cable faults, the best practice recommendation is to connect the EIM-EIP uplink to CF9.
2. For EIM_EIP Downlink Topology:
EIM-EIP downlink topology can be of many different types. A few typical topologies are depicted below, but many more combinations are possible. For details, refer to Through EIM Ethernet/IP™ Different Topology Example Scenarios.
a. One or Multiple EIM's downlink connected to DLR through ETAPs.
Figure 4.2 EIM_EIP Downlink Topology with One or Multiple EIMs Connected to DLR
- EIM downlink network is connected to 1783-ETAP (in case of redundant pair, one connection from each module will be connected to one dedicated ETAP)
- 1783-ETAP connected to Device Level Ring (DLR)
- Multiple EIMs can be connected to single ring (one device can talk through one EIM only)
b. EIM downlink connected to Stratix Switch. Primary and Secondary EIMs connected to different switches to avoid single point of failure.
Figure 4.3 EIM_EIP Downlink Topology with One or Multiple EIMs Connected to Stratix Switch
The above figure represents the following entities:
For the topology with 2 EIM connections:
- EIM downlink is directly connected to Stratix (8000/5700) switch.
- In case of redundant EIM, the primary and secondary EIM downlinks can be connected to the same Stratix switch or can be distributed across two switches (to avoid a single point of failure and complete Loss of Control).
- Ethernet/IP™ devices can be connected to Stratix (8000/5700) switch using:
  - Star topology
  - Linear bus topology
  - Device Level Ring topology
For the topology with 4 EIM connections:
- Multiple EIM downlinks are connected to the same set of Stratix switches
- Ethernet/IP™ device connectivity to the Stratix switch remains the same as captured above
c. EIM downlink connected to Stratix 5700 switch which is participating in DLR and also has Non-DLR ports for device/IO/CLX connections.
Figure 4.4 EIM_EIP Downlink Topology with One or Multiple EIMs Connected to Stratix 5700 switch
The above figure represents the following entities:
- EIM downlink is connected to Stratix 5700 switches.
- Stratix 5700 supports DLR and hence can be a node on DLR.
- Two Stratix switches in this figure are directly connected to DLR along with other Ethernet/IP™ devices, ControlLogix PLC.
- Stratix 5700 switch’s other non-DLR ports can be used to connect Ethernet/IP™ devices in Star and Linear bus topology.
Below is one example of integrated topology which shows FTE and downlink network along with inter connection for SCADA-ControlLogix access:
Figure 4.5 EIM_EIP Downlink Topology with inter connection for SCADA-ControlLogix access
Experion SCADA can access ControlLogix tags through an L2.5 router. If an L2.5 router is not present, then an L3 router can be used. For security reasons, Honeywell recommends establishing this connectivity through an L2.5 router.
DIRECT or C300 Ethernet/IP™ Solution Topology
The following figure depicts the Ethernet/IP™ implementation architecture:
Figure 4.6 DIRECT or C300 Ethernet/IP™ Solution Topology
The preceding graphic represents the following entities on the network:
- The Experion system on the FTE network
- The C300 controllers and the Level1 switch
- Tofino firewall
- Stratix switch
- The Ethernet/IP™ I/O devices on an Ethernet/IP™ network
- The ControlLogix PLC on an Ethernet/IP™ network
The following components on the Ethernet/IP™ network help in the integration of C300 with the Ethernet/IP™-compatible I/O devices and the integration of C300 with the ControlLogix PLC:
- Level 2 CISCO switches - The Level 2 CISCO switches provide a connectivity medium for C300 and the Ethernet/IP™-compatible I/O devices on the Ethernet/IP™ network.
Figure 4.7 Level 2 CISCO Switch in Ethernet/IP™ Network
The Ethernet/IP™ network must be connected to the yellow CISCO switch. The components are connected as follows, as shown in the figure:
  - C300 controllers are connected to CF9
  - The CF9 devices are connected to the CISCO switches on level 2
  - Additionally, the connections from the Ethernet/IP™-compatible I/O devices connected to the Stratix switch converge to the CISCO switch through the Tofino firewall.
For more information about configuring the Level 2 CISCO switches, see Fault Tolerant Ethernet Overview and Implementation Guide.
- Tofino firewall - The Tofino firewall is used as a security solution to ensure secure communication on the network. The Tofino security appliance is added to allow only the Ethernet/IP™ traffic to and from the L2 Switches. You can define firewall rules, specify the devices that are allowed to communicate, and specify the protocols that can be used. The Tofino firewall is connected to the Stratix switch. For more information about Tofino firewall configuration, see Tofino Configuration overview.
Figure 4.8 Stratix Switch in Ethernet/IP™ Network
  - The I/O devices, drives, and relays
  - The ControlLogix PLC
  - Computer in which third-party tools are installed
For more information about the Stratix switch configuration, see Configuring the Stratix switch.
- Ring Supervisor - The Ring supervisor is a part of the Ethernet/IP™ devices. The Ring supervisor connects to the Stratix switch. If a Stratix 8000 is used, then the Ring Supervisor resides in a separate device, typically an ETAP, and connects to the switch. If a Stratix 5700 is used, then the switch may be connected directly to the DLR ring.
Figure 4.9 Ring Supervisor in Ethernet/IP™ Network
- ETAP - The 1783-ETAP modules are used to connect single-port devices to a ring or linear bus network.
- Computer to install third-party tools - You can use the computer to install third-party tools that are required. For example: DriveExplorer, and web access to Ethernet/IP™ I/O devices.
- ControlLogix-controlled Ethernet/IP™ devices - The Ethernet/IP™ I/O devices controlled by the ControlLogix must not be directly connected on a Stratix switch. These devices must be configured under the ControlLogix chassis through a downlink Ethernet/IP™ module. For more information about configuring Ethernet/IP™ devices for the ControlLogix PLC, see the ControlLogix
Device Level Ring (DLR) is a Layer 2 (data link layer) protocol that provides media redundancy, faster network fault detection, and network fault resolution in a ring topology.
Advantages:
- DLR reduces the number of external components and associated cabling, which eases design and installation. It also reduces the cost.
- When a ring breaks, DLR detects it and provides alternate routing of the data to help recover the network at extremely fast rates.
- Line faults of bidirectional rings can be reconfigured quickly, as switching happens at a high level, and thus the traffic does not require individual rerouting.
On a network with only DLR devices, one device acts as the active ring supervisor and the other devices form ring nodes. A DLR network contains a maximum of 50 IP address nodes (this is a Honeywell specification).
A DLR network should have at least one node configured as ring supervisor. If multiple nodes are configured as supervisor, the node with the highest supervisor precedence value becomes the active supervisor and the others become backup supervisors.
The active ring supervisor cyclically sends out Beacon Frames and Announce Frames on both ports. They are received on one port of a ring node, processed and passed on to the next ring node via the other port.
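A pre-commissioning check over rules this guide states for a downlink device network (UOC downlink or THROUGH EIM): an I/O subnet separate from FTE, no duplicate IP nodes, at most 50 IP address nodes per DLR network, and at least one ring supervisor with the highest precedence value active. This is an added example, not Honeywell code. The plan dictionary layout, node names and addresses are constructed, and because the guide does not say how equal precedence values are resolved, a tie is reported for review rather than decided.

```python
import ipaddress
from collections import defaultdict

MAX_DLR_NODES = 50  # guide: Honeywell limit on IP address nodes in one DLR network


def elect_supervisor(ring_nodes):
    """Return (active, backups) using the guide's rule: highest precedence value wins."""
    candidates = [n for n in ring_nodes if n.get("supervisor_precedence") is not None]
    if not candidates:
        return None, []
    ranked = sorted(candidates, key=lambda n: n["supervisor_precedence"], reverse=True)
    return ranked[0], ranked[1:]


def check_plan(plan):
    """Return a sorted list of (rule, message) findings for a plan dictionary."""
    findings = []
    fte = ipaddress.ip_network(plan["fte_subnet"])
    io = ipaddress.ip_network(plan["io_subnet"])

    # The I/O network must use a different IP subnet than the FTE network.
    if fte.overlaps(io):
        findings.append(("SUBNET_OVERLAP", f"I/O subnet {io} overlaps FTE subnet {fte}"))

    # A duplicate address makes the existing device lose communication.
    by_ip = defaultdict(list)
    for node in plan["nodes"]:
        ip = ipaddress.ip_address(node["ip"])
        by_ip[ip].append(node["name"])
        if ip not in io:
            findings.append(("OFF_SUBNET", f"{node['name']} ({ip}) is outside {io}"))
    for ip, names in by_ip.items():
        if len(names) > 1:
            findings.append(("DUPLICATE_IP", f"{ip} assigned to {', '.join(sorted(names))}"))

    # Per-ring checks: node count and supervisor configuration.
    rings = defaultdict(list)
    for node in plan["nodes"]:
        if node.get("ring"):
            rings[node["ring"]].append(node)
    for ring, members in rings.items():
        if len(members) > MAX_DLR_NODES:
            findings.append(("DLR_TOO_MANY_NODES",
                             f"{ring} has {len(members)} nodes, limit is {MAX_DLR_NODES}"))
        active, backups = elect_supervisor(members)
        if active is None:
            findings.append(("DLR_NO_SUPERVISOR", f"{ring} has no ring supervisor"))
        elif backups and backups[0]["supervisor_precedence"] == active["supervisor_precedence"]:
            findings.append(("DLR_PRECEDENCE_TIE",
                             f"{ring}: {active['name']} and {backups[0]['name']} share the "
                             "highest precedence; outcome not covered by the guide"))
    return sorted(findings)


def sample_plans():
    """Constructed plans: one clean, one that violates several rules."""
    good = {
        "fte_subnet": "10.10.0.0/23", "io_subnet": "192.168.50.0/24",
        "nodes": [
            {"name": "etap-1", "ip": "192.168.50.10", "ring": "dlr1",
             "supervisor_precedence": 100},
            {"name": "stratix5700-1", "ip": "192.168.50.11", "ring": "dlr1",
             "supervisor_precedence": 50},
            {"name": "drive-1", "ip": "192.168.50.20", "ring": "dlr1"},
            {"name": "plc-1", "ip": "192.168.50.30"},
        ],
    }
    bad = {
        "fte_subnet": "10.10.0.0/23", "io_subnet": "10.10.1.0/24",
        "nodes": [{"name": f"dev-{i}", "ip": f"10.10.1.{i}", "ring": "dlr1"}
                  for i in range(1, 53)]
        + [{"name": "relay-x", "ip": "10.10.1.5"}, {"name": "hmi-x", "ip": "192.168.9.9"}],
    }
    return good, bad


if __name__ == "__main__":
    for label, plan in zip(("good", "bad"), sample_plans()):
        print(label, check_plan(plan))
```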
DLR ring topology which provides redundancy protection against a single network ring fault. Installation and maintenance of a downlink EtherNet/IP network must be done in accordance with the best practices of Ethernet networking in general and EtherNet/IP in particular.
In this topology, the UOC connects directly to the ring through downlink ports ETH3 and ETH4. EPMs connect directly to the ring network through their ETH1 and ETH2 ports.
An example of a DLR Ring network is shown in the following diagram.
Figure 4.10 Downlink DLR Network
Installation and maintenance practices for the UOC’s downlink EtherNet/IP network generally follow those described in the EtherNet IP User's Guide. Additional considerations for components
ATTENTION
Native support for DLR protocol was recently added to the EPM. An EPM with a firmware version that does not support native DLR should not be directly connected to a DLR I/O network until its firmware has been updated to support DLR communications.
| Component Type | Comments |
| --- | --- |
| ControlEdge UOC CPM | The UOC CPM connects to a downlink EtherNet/IP network through its ETH3 and ETH4 ports. Important properties of UOC CPM communications on the downlink network are configured on the UOC Platform Block in Control Builder. This includes configuration of the UOC DHCP server for assigning EPM IP addresses. It also includes setting the Downlink Network Configuration to Non-redundant. |
| ControlEdge 900 I/O Racks with EPMs | When 900 I/O is used, the EPM in the I/O rack serves the role of communication gateway into the I/O rack. When an EPM is connected, ETH1 port and ETH2 port are directly connected to an EtherNet/IP network. Before it is inserted into its slot, the 100X rotary switch on the EPM board must be set to indicate the type of network connectivity in use. This is done by setting it to position 5 for the DLR I/O network type. The IP address of the EPM is assigned by the UOC CPM based on the module number set on the 10X and 1X rotary switches. These switches must also be set before the EPM is inserted into its slot. For complete information on the use of ControlEdge EPM and 900 I/O, see ControlEdge 900 I/O section. |
| ControlLogix PLC | UOC can communicate with Rockwell Allen Bradley ControlLogix PLCs by passing instances of User Defined Types (UDTs). References to ControlLogix data are created in Experion Control Builder with the aid of tag names provided by the Matrikon Allen Bradley OPC server or by export of ControlLogix tag names from the Rockwell Allen Bradley Studio 5000 designer tool. ControlLogix PLCs on a UOC’s downlink EtherNet/IP network must always use static IP address assignments. For information on the configuration of ControlLogix communications, see EtherNet IP User's Guide_EPDOC-X399-en-510A.pdf. |
| EtherNet/IP I/O and Devices | UOC supports a set of EtherNet/IP devices with pre-populated CEE block types in Experion Control Builder (CB). In addition, CB provides the Parameter Definition Editor (PDE) tool which allows for the integration of new EtherNet/IP I/O and devices independent of Experion Control Builder release. Although some third party EtherNet/IP devices support IP address assignment from a network resident DHCP server, this feature cannot be used when the EtherNet/IP network connects to UOC. All device IP addresses must be statically assigned. For further information, see EtherNet IP User's Guide_EPDOC-X399-en-510A.pdf. |
| Allen Bradley OPC Server from MatrikonOPC | The Rockwell Allen Bradley OPC Server from MatrikonOPC can be installed on the Engineering Station in systems which incorporate UOC. The Matrikon OPC Server enables one of two methods whereby ControlLogix tag names can be used to make UDT references in a UOC strategy. For further information, see EtherNet IP User's Guide_EPDOC-X399-en-510A.pdf. |
| Studio 5000 Logix Designer Software | Studio 5000 Logix Designer Software from Rockwell Allen Bradley is used in conjunction with UOC configurations to configure IP addresses of Rockwell Allen Bradley EtherNet/IP devices. It can also be used to export a file which defines ControlLogix tag names so that they can be used in Control Builder to construct UDT data references from UOC. For further information, see EtherNet IP User's Guide_EPDOC-X399-en-510A.pdf. |
ATTENTION
When using DLR (Device Level Ring) on a Stratix 5700 switch, DO NOT CONNECT a DLR network to a non-DLR port on the switch. Connect DLR only to the DLR ports on the switch. Connecting a DLR network to a non-DLR port brings down the entire downlink network. To recover, remove the DLR connection from the switch.
4.2.2 Non-Redundant Star to 900 I/O and EIP Devices
In addition to the DLR ring topology, the UOC can also connect to a non-redundant star EtherNet/IP network through its ETH3 downlink port. This allows it to communicate simultaneously with ControlEdge 900 I/O as well as EtherNet/IP-capable I/O, devices and PLCs. Installation and maintenance of a downlink EtherNet/IP network must be done in accordance with the best practices of Ethernet networking in general and EtherNet/IP in particular.
NOTE
vUOC supports Non-Redundant topology.
In this topology, CPMs connect through their ETH3 downlink port with ETH4 port disconnected. EPMs connect through their ETH1 port with ETH2 port disconnected. An example is shown in the diagram below.
Figure 4.11 UOC CPM to 900 I/O and EIP Devices
Installation and maintenance practices for the UOC’s downlink EtherNet/IP network generally follow those described in EtherNet IP User's Guide_EPDOC-X399-en-510A.pdf for topology 2, “UOC Through EtherNet/IP”. Additional considerations for components that connect to the EtherNet/IP network are summarized in the following table. The considerations for ControlLogix PLCs and EtherNet/IP I/O and devices are the same as those for DLR ring networks.
| Component Type | Comments |
| --- | --- |
| ControlEdge UOC CPM | The UOC CPM connects to a downlink EtherNet/IP network through its ETH3 and ETH4 port. Important properties of UOC CPM communications on the downlink network are configured on the UOC Platform Block in Control Builder. This includes configuration of the UOC DHCP server for assigning EPM IP addresses. It also includes setting Downlink Network Configuration to Non-redundant. |
| ControlEdge 900 I/O Racks with EPMs | When 900 I/O is used, the EPM in the I/O rack serves the role of communication gateway into the I/O rack. When an EPM is connected to an EtherNet/IP network, its ETH1 port is connected to the switch while its ETH2 port is left disconnected. Before it is inserted into its slot, the 100x rotary switch on the EPM board must be set to indicate the type of network connectivity in use. For a non-redundant or redundant star network, this is done by setting it to position 4. The IP address of the EPM is assigned by the UOC CPM based on the module number set on the 10X and 1x rotary switches. These switches must also be set before the EPM is inserted into its slot. For complete information on the use of ControlEdge EPM and 900 I/O, see the ControlEdge 900 I/O Device Connectivity section. |
| Unmanaged Switches | 900 I/O racks with EPM gateways have been qualified to communicate with UOC through unmanaged switches. EPMs may not be connected through managed switches. For information on qualified switches see ControlEdge 900 Platform Hardware Planning and Installation Guide_ HWDOC-X430.pdf. |
| Stratix Switches | EIP I/O, devices and PLCs may be connected to UOC through qualified, Stratix managed switches. For further information on how to deploy and configure Stratix switches, see EtherNet IP User's Guide_EPDOC-X399-en-510A.pdf. |
4.2.3 EtherNet/IP in Experion Control Builder
Experion Control Builder as a whole supports a variety of topologies for connecting to EtherNet/IP networks. For additional information see EtherNet IP User's Guide_EPDOC-X399-en-510A.pdf. To put UOC topologies into context, supported variations, including that of UOC, are summarized in the following table.
| # | Summary Name | Connectivity | Description |
| --- | --- | --- | --- |
| 1 | SCADA Server To EtherNet/IP | SCADA Server; FTE Network; L2.5 or L3 Router; Ethernet Link; EtherNet/IP-capable Switch; EtherNet/IP Network; PLCs | The Experion Control Builder SCADA Server supports connectivity to Rockwell Allen Bradley ControlLogix PLCs which are attached to an EtherNet/IP network. The SCADA Server connects to the L2 FTE network which provides a path through an L2.5 or L3 Router and through non-redundant Ethernet links, to an EtherNet/IP-capable, Stratix switch. Access Lists of the router must be configured as a security boundary between the FTE and EtherNet/IP networks. |
| 2 | UOC Direct To EtherNet/IP | UOC; EtherNet/IP-capable Switch; EtherNet/IP Network; I/O, Devices and PLCs | The UOC controller supports connectivity to I/O, devices and Rockwell Allen Bradley ControlLogix PLCs which are attached to an EtherNet/IP network. The UOC connects to a DLR ring through its ETH3 (with ETH4 left disconnected) downlink port. Alternatively, it connects to a non-redundant star network. The IP subnet of the UOC on its uplink FTE ports is isolated from the IP subnet of the UOC on its downlink EtherNet/IP port. Honeywell ControlEdge 900 I/O can be connected to the downlink EtherNet/IP network along with third party I/O and devices. |
NOTE
Users who wish to use UOC with secure communications should be aware that considerable planning and configuration is required in its setup. For further information, see section Configuring a Secure Connection for Experion Control Builder Integration.
4.2.4 vUOC
Non-Redundant Star to 900 IO and EIP devices
The vUOC supports the non-redundant star I/O network protocol. This allows it to communicate simultaneously with ControlEdge 900 I/O as well as EtherNet/IP-capable I/O, devices and PLCs. Installation and maintenance of a downlink EtherNet/IP network must be done in accordance with the best practices of Ethernet networking in general and EtherNet/IP in particular.
In this topology, CPMs connect through their ETH3 downlink port with ETH4 port disconnected. EPMs connect through their ETH1 port with ETH2 port disconnected. An example is shown in the diagram below.
Installation and maintenance practices for the UOC’s downlink EtherNet/IP network generally follow those described in EtherNet IP User's Guide_EPDOC-X399-en-510A.pdf for topology 2, “UOC Through EtherNet/IP”. Additional considerations for components that connect to the EtherNet/IP network are summarized in the following table. The considerations for ControlLogix PLCs and EtherNet/IP I/O and devices are the same as those for DLR ring networks.
| Component Type | Comments |
| --- | --- |
| ControlEdge UOC CPM | The UOC CPM connects to a downlink EtherNet/IP network through its ETH3 and ETH4 port. Important properties of UOC CPM communications on the downlink network are configured on the UOC Platform Block in Control Builder. This includes configuration of the UOC DHCP server for assigning EPM IP addresses. It also includes setting Downlink Network Configuration to Non-redundant. |
| ControlEdge 900 I/O Racks with EPMs | When 900 I/O is used, the EPM in the I/O rack serves the role of communication gateway into the I/O rack. When an EPM is connected to an EtherNet/IP network, its ETH1 port is connected to the switch while its ETH2 port is left disconnected. Before it is inserted into its slot, the 100x rotary switch on the EPM board must be set to indicate the type of network connectivity in use. For a non-redundant or redundant star network, this is done by setting it to position 4. The IP address of the EPM is assigned by the UOC CPM based on the module number set on the 10X and 1x rotary switches. These switches must also be set before the EPM is inserted into its slot. For complete information on the use of ControlEdge EPM and 900 I/O, see the ControlEdge 900 I/O Device Connectivity section. |
| Unmanaged Switches | 900 I/O racks with EPM gateways have been qualified to communicate with UOC through unmanaged switches. EPMs may not be connected through managed switches. For information on qualified switches see ControlEdge 900 Platform Hardware Planning and Installation Guide_ HWDOC-X430.pdf. |
| Stratix Switches | EIP I/O, devices and PLCs may be connected to UOC through qualified, Stratix managed switches. For further information on how to deploy and configure Stratix switches, see EtherNet IP |
4.3 C300 to EIP
4.3.1 THROUGH Experion EIM (Ethernet Interface Module)
The EIM is a new device introduced into R501 which allows 3rd party Ethernet protocols to be integrated into Experion. It may be used to connect C300s to Ethernet/IP™ devices for exchange of control data. The type of network topology supported by the EIM is illustrated by the following diagram.
Figure 4.13 THROUGH Experion EIM TOPOLOGY
Level 2 switch:
Level 2 switch deployed as per recommended practices for FTE (Fault Tolerant Ethernet) within Experion.
Honeywell CF9:
Honeywell CF9 control firewall deployed as switch to connect level 1 Experion nodes.
Series C C300 Controller:
Series C C300 process controller supporting communications to level 2 Experion servers and stations as well as peer communication to other Experion controllers and interface modules.
Ethernet Interface Module (EIM):
EIM is newly introduced in Experion release R501 to allow communication from peer C300s to downlink Ethernet devices. The EIM-EIP variant supports EIP communication on its downlink.
This form of Ethernet/IP™ integration has the following characteristics.
• The EIM serves as a bridge between Experion’s FTE and an Ethernet/IP™ network, which exists as its own subnet isolated from the FTE community. The FTE IP address limit with EIMs connected is 330. The IP addresses of devices on the Ethernet/IP™ network do not contribute to the FTE addressing limit. Only the EIMs themselves count as FTE nodes.
• Depending on the options selected, it is possible to deploy a system with complete redundancy from C300 to Ethernet/IP™ device. The EIM optionally supports node redundancy, as does the C300. The FTE link from C300 to EIM is redundant. A redundant EIM pair can be connected to an Ethernet/IP™ DLR (Device Level Ring) redundant network.
The EIM is a multiple-purpose device. It has many operating characteristics which are common when it is deployed as an Ethernet/IP™ interface or as an interface to other Ethernet protocols. For information on the common, platform properties of the EIM module, refer to Ethernet Interface Module Hardware and Common Platform User’s Guide. EIM behaviors which are specific to Ethernet/IP™ are described in this document.
4.3.2 C300 Configuration for Control Through Ethernet/IP™ Devices
The manner in which control strategies are configured in the C300 for Ethernet/IP™ connection to controllers and devices is very similar across the two topology variants described above.
In each case, peer communication to Rockwell AB ControlLogix controllers is accomplished using User Defined Types (UDT). UDT blocks are configured in CEE and mapped to a particular data tag within a particular ControlLogix controller at a particular Ethernet/IP™ network address. Both multi-parameter UDTs and scalar UDTs may be accessed. For multi-parameter UDTs, CEE block types may be created which align with the layout of UDT structures in ControlLogix. For scalar UDTs, preexisting block types may be used to connect to ControlLogix scalar data. There are slight differences between the two topology variants in the way that UDTs in ControlLogix are addressed. There are also differences in the capacity limits associated with UDT communication.
Ethernet/IP™ connectivity to I/O and devices is likewise configured in similar fashion across the two topology variants. A set of I/O module and device block types is supported within Experion which can be connected to the corresponding Ethernet/IP™ I/O or devices, either through the EIM or through a 3rd party firewall. In addition, new capabilities in Control Builder allow custom block types to be created to integrate new Ethernet/IP™ devices without waiting for an Experion release. As with UDTs, there are slight differences between the two topology variants in the way that I/O modules and devices are addressed.
The following chapters in this document provide further details about interfacing to Ethernet/IP™ from Experion, for both of the topologies described above. Note that special considerations are required, if it is desired to move an existing configuration from the DIRECT topology to the THROUGH EIM topology.
4.3.3 EIM-EIP Terms and Definitions

| Term | Definition |
| --- | --- |
| Adapter Block | A function block configured in Control Builder to represent the Adapter Module of a modular I/O station such as Rockwell AB’s Armor Point I/O. |
| Adapter Module | A communication device which connects to the Ethernet/IP™ network to serve data from a set of devices or modules underneath it. Adapter Modules typically support I/O connectivity from Scanners via implicit Ethernet/IP™ connections. |
| Assembly | A set of data passed between a Producer and a Consumer after an implicit I/O connection has been established on an Ethernet/IP™ network. |
| Configuration Assembly | An Assembly which transports configuration data from the Ethernet/IP™ device originating the connection to the Ethernet/IP™ device or I/O module which is the target of the connection. Configuration Assemblies are sent at the time that a connection is initially established. In some cases, the size of the Configuration Assembly can be 0 so that it transports no data. In these cases, configuration data is provided by a separate, Ethernet/IP™-connected tool. |
| Consumer | The receiver of Assembly data over an Ethernet/IP™ I/O connection. |
| ControlLogix Tag | A named data item resident in a Rockwell AB ControlLogix PLC. Individual, scalar data items can be named with Tags or groups of data called structures can be named with Tags. The transport of tagged data between Experion C300 and ControlLogix is accomplished using UDT Blocks. |
| Custom Block Type | A block type in Control Builder and CEE which is created using tools available to an application engineer. Most block types in Experion have been created by system developers and are not Custom Block Types. Some blocks, such as Ethernet/IP™ I/O Module Blocks, Ethernet/IP™ Device Blocks, and UDT Blocks have been created using tools available to application engineers. Application engineers may create new Custom Block Types to integrate Ethernet/IP™ devices into Experion which have not been integrated to date. |
| Device Block | An Experion block which enables the C300 controller to communicate with an Several drive and relay device blocks are supported within Experion. |
| DLR | Device Level Ring: A link layer protocol which allows devices to achieve network redundancy under a ring topology. Each device connected into the ring has at least 2 Ethernet connections, one to receive incoming messages and one to forward them down the ring if they are destined for a different device. Ethernet/IP™ messages may be transported over DLR rings as well as other forms of Ethernet topology. |
| | it. EDS files may be used in the first step of creating an I/O Module or Device block for interfacing to an Ethernet/IP™ device. |
| EDS Parser | A tool invoked by the Parameter Definition Editor (PDE) under Control Builder to take in an Electronic Data Sheet (EDS) file, parse it, and render an initial Custom Block Type to represent a specific Ethernet/IP™ device or I/O module. Depending on how complete the vendor’s device specification within the EDS file is, the EDS Parser can eliminate much of the manual work involved in creating a Custom Block Type for an Ethernet/IP™ device. |
| Explicit Messaging | A form of request / response messaging used in Ethernet/IP™ communications. I/O connections are established using Explicit Messaging and then function via Implicit Messaging. C300 and EIM use Explicit Messaging to access UDT data from Rockwell AB ControlLogix PLCs. |
| Implicit Messaging | A form of messaging used in Ethernet/IP™ I/O connections. After establishment, the Producer sends data to the Consumer without the need to be triggered by a data request. |
| Input Assembly | In a C300 I/O Module Block or Device Block, the Input Assembly transfers data from the target as Producer device to the C300 as Consumer. Input Assemblies are transported over I/O connections. |
| I/O Module Block | A Control Builder and CEE tagged block which enables the C300 controller to communicate with an I/O Module. The I/O Module could be directly connected to the Ethernet/IP™ network or connected through a Scanner. |
| Modular I/O | An arrangement of Input / Output modules in which the I/O modules themselves do not connect directly to the Ethernet/IP™ network but instead connect to an Adapter Module which provides Ethernet/IP™ connectivity. |
| Multi-Parameter UDT | Also called an Aggregate UDT, this is a UDT which encapsulates multiple data items. |
| Output Assembly | In a C300 I/O Module Block or Device Block, the Output Assembly transfers data from the originating, Producer device to an Ethernet/IP™ device as Consumer. Output Assemblies are transported over I/O connections. |
| | A tool invoked within Control Builder to create a new Custom Block Type for interfacing an Ethernet/IP™ I/O Module or Device. |
| Producer | The sender of Assembly data over an Ethernet/IP™ I/O connection. |
| RPI | Requested Packet Interval: The repetitive interval by which assemblies are periodically transported over Ethernet/IP™ I/O connections between Producer and Consumer. |
| Scalar UDT | A UDT which encapsulates a single data item. |
| Scanner | A device which connects to the Ethernet/IP™ network to act as a client of other Ethernet/IP™ connected devices. In Experion, the EIM and C300 act as Ethernet/IP™ Scanners. They connect to and exchange data with Adapters of Modular I/O stations, directly connected devices and Rockwell AB ControlLogix PLCs. |
| UDT | User Defined Type: The type of a structured data item in a Rockwell ControlLogix PLC which groups other data items together. Instances of UDTs can be named with Tags. |
| UDT Block | A Control Builder and CEE block which allows for the transport of UDTs between a C300 and a Rockwell AB ControlLogix PLC. UDT Blocks are Custom Block Types. They can be scalar, holding a single datum, or aggregate (multi-parameter), holding a whole structure’s worth of data. UDT Blocks present their data within CEE as parameters which can be read and written by other blocks. |
EIM EIP
EIM primary and secondary downlinks are connected to single switch
• In this topology, both the Primary and Secondary EIM downlinks (in the case of a non-redundant EIM there will be one connection) are connected to a single Stratix (8000/5700) switch.
• Devices are connected to the Stratix switch in linear bus, star and DLR.
NOTE
This topology is cost effective because a single downlink switch is used, but it has a single point of failure. If the switch fails, the result is complete loss of control and loss of view.
Figure 4.14 THROUGH EIM Topology
EIM primary and secondary downlinks are connected to different switches
In this topology, the Primary and Secondary EIM downlinks are distributed across two downlink switches. Ethernet/IP™ devices are also distributed across the two switches. Any single switch failure in this case results in loss of communication to only those devices connected to that switch. Communication and view to devices connected to the other switch continue to work in such a single switch failure case.
Figure 4.15 THROUGH EIM Topology
EIM primary and secondary downlinks are directly connected to DLR
Figure 4.16 THROUGH EIM Topology
Multiple EIMs are sharing same device network through switch
In this topology, multiple EIMs are connected to same Ethernet/IP™ device network through Stratix switches.
NOTE
• At least one of the ETAPs present in DLR must be configured as Ring Supervisor
• Same device must not be configured more than once in single C300s through same/different EIMs.
• Same device must not be configured in multiple C300s through same/different
Multiple EIMs are sharing same device network through DLR
Multiple EIMs' downlinks are connected to the same DLR through ETAPs. No Stratix switch is used in this topology.
NOTE
• Same device must not be configured more than once in single C300s through same/different EIMs.
• Same device must not be configured in multiple C300s through same/different EIMs.
Figure 4.18 THROUGH EIM Topology
ControlLogix SCADA access
In the THROUGH EIM topology, if the Experion Server needs to access ControlLogix tags through the SCADA interface, there must be connectivity from the Ethernet/IP™ device network to the Experion L2 I/O network where the Experion Server sits.
The recommendation is to establish this connectivity through an L2.5 router as shown in the diagram above. Ensure that all devices present in the Ethernet/IP™ network are configured with the L2.5 port IP as the default gateway. Use of HSRP (Hot Standby Router Protocol) at the L2.5 router is recommended to achieve network redundancy.
If an L2.5 router is not present, an L3 router can be used to establish this connectivity.
NOTE
A connection through L2.5 is more secure; hence Honeywell recommends using an L2.5 router for such Experion Server to ControlLogix SCADA access.
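The NOTE rules on duplicate device configuration and the default-gateway requirement for ControlLogix SCADA access can be checked against a planning sheet before commissioning. The following is an added example, not Honeywell code; the inventory layout, names and addresses are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed planning data: every name and address below is hypothetical.
EIP_SUBNET = "192.168.10.0/24"     # Ethernet/IP device network
FTE_SUBNET = "10.1.0.0/23"         # FTE community (must stay a separate subnet)
L25_PORT_IP = "192.168.10.1"       # L2.5 router port facing the Ethernet/IP network

# One row per device block: (C300, EIM used to reach it, device IP address).
BINDINGS = [
    ("C300_A", "EIM_1", "192.168.10.21"),
    ("C300_A", "EIM_2", "192.168.10.21"),  # same device twice in one C300
    ("C300_A", "EIM_1", "192.168.10.22"),
    ("C300_B", "EIM_3", "192.168.10.22"),  # same device in a second C300
    ("C300_B", "EIM_3", "192.168.10.23"),
]

# Device IP address -> default gateway configured on that device.
DEVICES = {
    "192.168.10.21": "192.168.10.1",
    "192.168.10.22": "192.168.10.254",     # gateway is not the L2.5 port
    "192.168.10.23": "192.168.10.1",
    "10.1.0.40": "192.168.10.1",           # address taken from the FTE range
}


def duplicate_bindings(bindings):
    """Return {device_ip: finding} for devices configured more than once."""
    owners = defaultdict(list)
    for c300, eim, device_ip in bindings:
        owners[device_ip].append((c300, eim))
    findings = {}
    for device_ip, rows in owners.items():
        c300s = sorted({c300 for c300, _ in rows})
        if len(c300s) > 1:
            findings[device_ip] = "configured in multiple C300s: " + ", ".join(c300s)
        elif len(rows) > 1:
            eims = sorted({eim for _, eim in rows})
            findings[device_ip] = (
                f"configured more than once in {c300s[0]} via " + ", ".join(eims))
    return findings


def addressing_problems(devices, eip_subnet, fte_subnet, l25_port_ip):
    """Return a list of (subject, problem) tuples for addressing rule violations."""
    eip = ipaddress.ip_network(eip_subnet)
    fte = ipaddress.ip_network(fte_subnet)
    gateway = ipaddress.ip_address(l25_port_ip)
    problems = []
    if eip.overlaps(fte):
        problems.append((eip_subnet, "overlaps the FTE subnet"))
    if gateway not in eip:
        problems.append((l25_port_ip, "L2.5 port is outside the Ethernet/IP subnet"))
    for device_ip, device_gw in sorted(devices.items()):
        if ipaddress.ip_address(device_ip) not in eip:
            problems.append((device_ip, "outside the Ethernet/IP subnet"))
        if ipaddress.ip_address(device_gw) != gateway:
            problems.append((device_ip, "default gateway is not the L2.5 port"))
    return problems


if __name__ == "__main__":
    for ip, finding in sorted(duplicate_bindings(BINDINGS).items()):
        print(f"{ip}: {finding}")
    for subject, problem in addressing_problems(
            DEVICES, EIP_SUBNET, FTE_SUBNET, L25_PORT_IP):
        print(f"{subject}: {problem}")
```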
PROFINET
For more information about Profinet, see PROFINET User Guide_EPDOC-X567-en-511.
IEC 61850
6.1 C300 to 61850
This section provides information about the different topologies for IEC 61850 control integration. Information about this section will be added over time.
6.2 EIM IEC61850
6.2.1 IEC 61850 control integration topologies
This section provides information about the different topologies for IEC 61850 control integration.
Network recommendations for creating IEC 61850 control integration topologies
• The IEC 61850 network should not be directly connected to an L3 router. If access to L3 is required, it is recommended to use an L2.5 router to connect I/O and IEC 61850 networks together. The L2.5 router should connect to the L3 router.
• To disable Microsoft Windows Client and File Sharing options for the IEC 61850 ports on the SCADA Server:
  o Ensure that the lower MAC address is selected for I/O network installation. If Experion is installed on a server such as the Dell 320, which has 4 built-in NIC interfaces, use the first two NICs for the I/O connection and the other two NICs for the IEC 61850 network connections. If you have additional dual NICs on servers with 2 built-in NICs, ensure that the lower MAC address NIC is selected for I/O. With this setup, Experion installation automatically selects the lower MAC interfaces (the first two interfaces of the built-in NICs) for I/O and System Management and also sets the proper binding order, with FTEMUX on top.
  o Also set the TCP/IPv4 interface metric on both the IEC 61850 interfaces to 5 and 10.
  o Disable NETBIOS on both IEC 61850 interfaces.
  o In addition, the IEC 61850 settings must not include a gateway address on either interface, assuming that there is a gateway address on the FTEMUX.
• Do not connect IEC 61850 network to the I/O ports.
• Enable the Flow Control option on the IEC 61850 switch ports connected to the EIMs
TIP
Non-Redundant EIM is shown here, but a Redundant EIM can be used with a non-redundant network as well
Figure 6.1 HSR topology model
The following is a simple IEC 62439 High-availability Seamless Redundancy (HSR) Ring topology example.
Figure 6.2 EIM with IEC 61850 HSR Topology
This diagram portrays the deployment PRP topology configuration for the various physical components for an EIM with IEC 61850 and the related Experion L2 nodes, L1 embedded nodes, I/O and IEC 61850 network equipment. This is a simple IEC 62439 Parallel Redundancy Protocol (PRP) topology example.
INSTALLING AND REPLACING SWITCHES
7.1 Configuring Moxa Switches
The EDS-G512E-T is the only qualified Moxa Ethernet switch. It is a DIN rail mountable device that requires an external power supply. It is used in the Honeywell FTE network as a Level 1 or a Level 2 switch.
7.1.1 Before you begin
• Verify that Tera Term is installed on local machine.
• Download from Moxa the latest USB driver for the switch and install on local machine.
• Obtain the appropriate USB cable. The Moxa switch uses an A type USB connection, so an appropriate USB cable would be one that has an A connector on one end, with the other end having a connector compatible with a USB port on the host being used.
7.1.2 Qualified Switch Firmware
The following table describes the Software Version and the File Name to be used when updating the software for each Moxa switch. This can be done either through the serial port or TFTP.
| Switch Type | Software Version | File Name |
| --- | --- | --- |
| Moxa EDS-G512E | 5.14 | FWR_EDSG516E_V5.1.4_Build_16111412.rom |

7.1.3 Modifying switch template file
Honeywell provides a set of template files for the Moxa (specified in section "Details for switch configuration files" on page 1) that can be used as a starting point for configuring a switch. Lines that begin with a ‘!’ are used to provide comments and directions on the use of the template file. These lines are ignored when the file is read by the switch.
At the top of the template file is a list of placeholder data that needs to be changed before the template becomes a valid configuration file. For example:
! CONTACT | snmp device contact info
! VLANz | vlan number
! S_IP | switch IP address
! S_MASK | switch subnet mask
! NS1 | name server 1
! NS2 | name server 2
! GW | gateway address
! NTP1 | first NTP server address
! NTP2 | second NTP server address
! SNMP_P | primary snmp server
! SNMP_S | secondary snmp server
! COMUNTY | snmp community
Using WordPad, Notepad, or your favorite text editor, simply ‘find and replace’ the words in the ‘Name’ column with the relevant data for that switch.
ATTENTION
The Moxa switch, when a configuration file is downloaded to it, first resets itself to its factory defaults. This means any prior configuration is lost and the new configuration is completely within the downloaded file.
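The find-and-replace step above can be scripted so that a half-filled template is never downloaded, which matters because the switch resets to factory defaults before applying the file. This is an added example, not Honeywell or Moxa code; the sample body lines, values and function names are constructed, and the subnet, VLAN-range and default-community checks are assumptions beyond what the page states.

```python
import ipaddress
import re

# Placeholder names from the list at the top of the template, as given on this page.
PLACEHOLDERS = ["CONTACT", "VLANz", "S_IP", "S_MASK", "NS1", "NS2", "GW",
                "NTP1", "NTP2", "SNMP_P", "SNMP_S", "COMUNTY"]
IP_FIELDS = ["S_IP", "NS1", "NS2", "GW", "NTP1", "NTP2", "SNMP_P", "SNMP_S"]

# Match a placeholder only as a whole token, never inside a longer word.
_TOKEN = re.compile(r"(?<![A-Za-z0-9_])(" + "|".join(map(re.escape, PLACEHOLDERS))
                    + r")(?![A-Za-z0-9_])")

# Constructed sample template. The body lines are illustrative and are NOT Moxa syntax.
SAMPLE_TEMPLATE = """\
! CONTACT | snmp device contact info
! VLANz   | vlan number
! S_IP    | switch IP address
! S_MASK  | switch subnet mask
! GW      | gateway address
contact CONTACT
vlan VLANz
address S_IP S_MASK
gateway GW
name-servers NS1 NS2
time-servers NTP1 NTP2
snmp-servers SNMP_P SNMP_S
snmp-community COMUNTY
"""

# Constructed values (documentation address range), one per placeholder.
SAMPLE_VALUES = {
    "CONTACT": "plant-network-team", "VLANz": "101",
    "S_IP": "192.0.2.10", "S_MASK": "255.255.255.0", "GW": "192.0.2.1",
    "NS1": "192.0.2.53", "NS2": "192.0.2.54",
    "NTP1": "192.0.2.123", "NTP2": "192.0.2.124",
    "SNMP_P": "192.0.2.161", "SNMP_S": "192.0.2.162",
    "COMUNTY": "c0nstructed-ro-string",
}


def validate(values):
    """Return a list of problems with the supplied values (empty list = usable)."""
    problems = [f"missing value for {n}" for n in PLACEHOLDERS if not values.get(n)]
    for name in IP_FIELDS:
        if values.get(name):
            try:
                ipaddress.IPv4Address(values[name])
            except ValueError:
                problems.append(f"{name} is not an IPv4 address: {values[name]!r}")
    vlan = values.get("VLANz", "")
    if vlan and not (vlan.isdigit() and 1 <= int(vlan) <= 4094):
        problems.append(f"VLANz is not a VLAN number in 1..4094: {vlan!r}")
    try:
        net = ipaddress.IPv4Interface(f"{values['S_IP']}/{values['S_MASK']}").network
        if ipaddress.IPv4Address(values["GW"]) not in net:
            problems.append(f"GW {values['GW']} is not inside the switch subnet {net}")
    except (KeyError, ValueError):
        problems.append("S_IP, S_MASK and GW do not form a usable interface definition")
    if values.get("COMUNTY", "").lower() in {"public", "private"}:
        problems.append("COMUNTY is a well-known default SNMP community string")
    return problems


def render(template, values):
    """Substitute every placeholder in one pass; '!' comment lines are left untouched."""
    problems = validate(values)
    if problems:
        raise ValueError("; ".join(problems))
    out = []
    for line in template.splitlines():
        if line.lstrip().startswith("!"):
            out.append(line)  # ignored by the switch, kept as documentation
        else:
            out.append(_TOKEN.sub(lambda m: values[m.group(1)], line))
    return "\n".join(out) + "\n"


def leftover_placeholders(config_text):
    """Return placeholder names still present on non-comment lines."""
    found = set()
    for line in config_text.splitlines():
        if not line.lstrip().startswith("!"):
            found.update(_TOKEN.findall(line))
    return found


if __name__ == "__main__":
    print(render(SAMPLE_TEMPLATE, SAMPLE_VALUES))
```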
7.1.4 Connecting to the switch
The most consistent way to access a Moxa switch is via telnet or ssh and transferring files over TFTP. The Moxa switch can download the device firmware over either a TFTP or serial connection. However, the switch can only download or save the switch configuration over a TFTP connection. Because of this, this document will proceed with the notion that a TFTP server is available. Before one can do any of that, the switch first needs to be minimally set up via USB. The information necessary to get started with this task is:
• vlan number
• IP address and subnet mask
• Default IP gateway
• Which port will be used for uplink
• IP address for a TFTP server.
• Filename for the appropriate firmware version to be loaded to the switch
• Filename for the appropriate configuration file to be loaded to the switch
Once the information has been obtained, proceed to the next section.
Initiate connection with Tera Term
• Connect the switch to the host with the USB cable
• Using the Windows Device Manager, find out what COM port is associated with the Moxa switch.
• Start Tera Term, cancel the initial ‘New Connection’ dialog and open the COM port setup (Setup > Serial Port…). On the identified COM port, set as illustrated:
  – Port: (Select COM port)
  – Bits per second (baud rate): 115200
  – Data bits: 8 bit
  – Parity: none
  – Stop bits: 1 bit
  – Flow control: XON/XOFF
The opening screen should resemble this…
If you do not see this screen, go back and verify the settings in Serial Port setup. Press ENTER and the login screen will be presented